The Monkey Kingdom, a Solana nonfungible token (NFT) project backed by American DJ Steve Aoki, reported on Twitter on Tuesday that hackers stole $1.3 million from the community's crypto funds through a security breach on Discord. According to its makers, the intrusion began with the vulnerability of Grape, a popular method for validating users on Solana. Hackers subsequently utilized the exploit to gain control of an administrative account, posting a phishing link on the Monkey Kingdom Discord's announcement channel. Users who connected their wallets to the URL expecting an NFT were instead robbed of their SOL tokens by the scammer.
Also Read: NFT Forgeries Are not Going Away Anytime Soon
Unfortunately, the attack occurred just as users were preparing for the project's second release. Sun Wukong, also known as "The Monkey King" in Chinese tradition, is the center of the Monkey Kingdom, which is made up of 2,222 algorithmically created NFTs. All earnings from the first sale of the NFTs were to be donated to a charity of one's choice, with the goal of assisting Asian communities around the world. It was one of the most successful NFT initiatives to emerge from Asia. A Twitter user claims to have lost about 650 SOL worth about $120,400 due to the hack, thinking it was the original mint link in the official discord channel of the community.
"Guys I got drained 650 $SOL.
It is one my biggest mistake.
I am always recommending people using burner but I was nervous and fomo the Monkey Kingdom Mint. Never thought it was not a legit mint link in official discord.
It is important money to my family: my wife, my son."
However, all is not lost because the staff at the Monkey Kingdom has set aside a compensation fund for victims and is on pace to reimburse individuals who have been harmed properly. The timetable and procedure for disbursing the monies have yet to be revealed. The crypto business is no stranger to phishing attacks. Scammers have been targeting Discord users and leveraging the site itself to arrange similar NFT attacks over the past year. Users are urged to share compensation news with the general community once it is received.